package com.sixbro.resource.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * <p>
 *  OAuth2.0 资源服务器
 * </p>
 *
 * @author: Mr.Lu
 * @since: 2021/12/6 17:23
 */
@EnableWebSecurity(debug = true)
@Configuration(proxyBeanMethods = false)
public class ResourceServerConfiguration {

    /**
     * Security filter chain security filter chain.
     *
     * @param httpSecurity the http security
     * @return the security filter chain
     * @throws Exception the exception
     */
    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable()
                .mvcMatcher("/message/**")
                .authorizeRequests(requests ->
                        requests.anyRequest().access("hasAuthority('SCOPE_openid')"))
                .oauth2ResourceServer().jwt();
        return httpSecurity.build();
    }
}
